saml_idp 0.11.0 → 0.12.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +9 -0
- data/lib/saml_idp.rb +1 -0
- data/lib/saml_idp/fingerprint.rb +19 -0
- data/lib/saml_idp/version.rb +1 -1
- data/spec/lib/saml_idp/fingerprint_spec.rb +14 -0
- data/spec/support/saml_request_macros.rb +1 -1
- metadata +6 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 73712903d3949f895e57a13b138c007e0ae74715d7d546b4415f278829e59054
|
|
4
|
+
data.tar.gz: fbab7e28d01ea3fc7624e52e20a234f6f997a51643905170e6809cb3f7beeec7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 80a4683963e04b8b7f68051d15b12a5f0a098300cbfba9b72c4ed3940338ab3505c47cda0b091a9a36c1605f4396b5f1732bed7d3356438dd944f83541573a47
|
|
7
|
+
data.tar.gz: b01be29f645e31f9987afef74bb8b368ccfc86340b67e29524f582fe139e99b56cd827315d5a4e73d34b69e2c3c5b89d881c89f6d29b68c4b3cd2ff5499a39c3
|
data/README.md
CHANGED
|
@@ -245,6 +245,15 @@ The fingerprint to use, if you use the default X.509 certificate of this gem, is
|
|
|
245
245
|
9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D
|
|
246
246
|
```
|
|
247
247
|
|
|
248
|
+
# Fingerprint
|
|
249
|
+
|
|
250
|
+
The gem provides an helper to generate a fingerprint for a X.509 certificate.
|
|
251
|
+
The second parameter is optional and default to your configuration `SamlIdp.config.algorithm`
|
|
252
|
+
|
|
253
|
+
```ruby
|
|
254
|
+
Fingerprint.certificate_digest(x509_cert, :sha512)
|
|
255
|
+
```
|
|
256
|
+
|
|
248
257
|
# Service Providers
|
|
249
258
|
|
|
250
259
|
To act as a Service Provider which generates SAML Requests and can react to SAML Responses use the
|
data/lib/saml_idp.rb
CHANGED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
module SamlIdp
|
|
2
|
+
module Fingerprint
|
|
3
|
+
def self.certificate_digest(cert, sha_size = nil)
|
|
4
|
+
sha_size ||= SamlIdp.config.algorithm
|
|
5
|
+
digest_sha_class(sha_size).hexdigest(OpenSSL::X509::Certificate.new(cert).to_der).scan(/../).join(':')
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def self.digest_sha_class(sha_size)
|
|
9
|
+
case sha_size
|
|
10
|
+
when :sha256
|
|
11
|
+
Digest::SHA256
|
|
12
|
+
when :sha512
|
|
13
|
+
Digest::SHA512
|
|
14
|
+
else
|
|
15
|
+
raise ArgumentError, "Unsupported sha size parameter: #{sha_size}"
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
data/lib/saml_idp/version.rb
CHANGED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
module SamlIdp
|
|
4
|
+
describe Fingerprint do
|
|
5
|
+
describe "certificate_digest" do
|
|
6
|
+
let(:cert) { sp_x509_cert }
|
|
7
|
+
let(:fingerprint) { "a2:cb:f6:6b:bc:2a:33:b9:4f:f3:c3:7e:26:a4:21:cd:41:83:ef:26:88:fa:ba:71:37:40:07:3e:d5:76:04:b7" }
|
|
8
|
+
|
|
9
|
+
it "returns the fingerprint string" do
|
|
10
|
+
expect(Fingerprint.certificate_digest(cert, :sha256)).to eq(fingerprint)
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
@@ -82,7 +82,7 @@ module SamlRequestMacros
|
|
|
82
82
|
response_hosts: [URI(saml_acs_url).host],
|
|
83
83
|
acs_url: saml_acs_url,
|
|
84
84
|
cert: sp_x509_cert,
|
|
85
|
-
fingerprint:
|
|
85
|
+
fingerprint: SamlIdp::Fingerprint.certificate_digest(sp_x509_cert)
|
|
86
86
|
}
|
|
87
87
|
}
|
|
88
88
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: saml_idp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jon Phenow
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-11-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -228,6 +228,7 @@ files:
|
|
|
228
228
|
- lib/saml_idp/default.rb
|
|
229
229
|
- lib/saml_idp/encryptor.rb
|
|
230
230
|
- lib/saml_idp/engine.rb
|
|
231
|
+
- lib/saml_idp/fingerprint.rb
|
|
231
232
|
- lib/saml_idp/hashable.rb
|
|
232
233
|
- lib/saml_idp/incoming_metadata.rb
|
|
233
234
|
- lib/saml_idp/logout_builder.rb
|
|
@@ -254,6 +255,7 @@ files:
|
|
|
254
255
|
- spec/lib/saml_idp/configurator_spec.rb
|
|
255
256
|
- spec/lib/saml_idp/controller_spec.rb
|
|
256
257
|
- spec/lib/saml_idp/encryptor_spec.rb
|
|
258
|
+
- spec/lib/saml_idp/fingerprint_spec.rb
|
|
257
259
|
- spec/lib/saml_idp/incoming_metadata_spec.rb
|
|
258
260
|
- spec/lib/saml_idp/logout_request_builder_spec.rb
|
|
259
261
|
- spec/lib/saml_idp/logout_response_builder_spec.rb
|
|
@@ -350,7 +352,7 @@ metadata:
|
|
|
350
352
|
homepage_uri: https://github.com/saml-idp/saml_idp
|
|
351
353
|
source_code_uri: https://github.com/saml-idp/saml_idp
|
|
352
354
|
bug_tracker_uri: https://github.com/saml-idp/saml_idp/issues
|
|
353
|
-
documentation_uri: http://rdoc.info/gems/saml_idp/0.
|
|
355
|
+
documentation_uri: http://rdoc.info/gems/saml_idp/0.12.0
|
|
354
356
|
post_install_message: |
|
|
355
357
|
If you're just recently updating saml_idp - please be aware we've changed the default
|
|
356
358
|
certificate. See the PR and a description of why we've done this here:
|
|
@@ -394,6 +396,7 @@ test_files:
|
|
|
394
396
|
- spec/lib/saml_idp/configurator_spec.rb
|
|
395
397
|
- spec/lib/saml_idp/controller_spec.rb
|
|
396
398
|
- spec/lib/saml_idp/encryptor_spec.rb
|
|
399
|
+
- spec/lib/saml_idp/fingerprint_spec.rb
|
|
397
400
|
- spec/lib/saml_idp/incoming_metadata_spec.rb
|
|
398
401
|
- spec/lib/saml_idp/logout_request_builder_spec.rb
|
|
399
402
|
- spec/lib/saml_idp/logout_response_builder_spec.rb
|